Skills
skills/lifangda/claude-plugins/hmdb-database/Gen Agent Trust Hub

hmdb-database

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSNO_CODEPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (SAFE): No executable scripts or automation logic are included. The mention of an R package installation is provided for manual researcher use.
  • [DATA_EXFILTRATION] (SAFE): No access to sensitive files or unauthorized network activity was detected.
  • [PROMPT_INJECTION] (LOW): The skill facilitates the ingestion of external data which is a potential surface for indirect injection. Evidence Chain: 1. Ingestion points: Bulk data downloads (XML, SDF, CSV) from hmdb.ca. 2. Boundary markers: Absent. 3. Capability inventory: None (The skill has no code or execution tools). 4. Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill documentation suggests installing the 'hmdbQuery' R package. This involves external software from a third-party registry (Bioconductor).
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 09:08 AM